Which of the following individuals provides service feedback to the providers?
Which of the following is a non repetitive set of tasks that lead to the achievement of a new objective?
Which of the following activity loops emphasizes on monitoring and deciding processes?
Which of the following activity loops describes creation of new processes?
In which of the following editions of COBIT was "Management Guidelines" added?
The third edition
The first edition
The fourth edition
The second edition
Which of the following service delivery processes includes controls, document and record, as its sub processes?
Service level management
Information security management
Which of the following phases of IT lifecycle is governed by a series of stages and gates for managing the lifecycle of projects?
IT project phase
IT process phase
IT asset phase
IT discovery phase
Which of the following service delivery processes has the goal to produce, agreed on, timely, reliable, and accurate reports for the effective communication?
Service level management
Information security management
What is the major goal of risk management in the decision-making process?
To manage the clients
To manage the time
To manage the resources
To manage the uncertainty
Which of the following types of risks includes currency risk, liquidity risk, and technology obsolescence?
Which of the following risk functions ensures the product/service alignment with the customer requirements?
Which of the following is the process of identifying and assessing factors that may jeopardize the success of a project or the achievement of a goal?
Which of the following is the process of defining the way work is performed and the tasks that a given job requires?
Which of the following functions of HR department is liable for attitude surveys, labor relation, employee handbook, and labor law compliance?
Compensation and benefit
Analysis and design for work
Which of the following categories measures the health of the organization and the working environment of its employees?
Which of the following is concerned with fairness and transparency?
Continual Service Improvement
The event was particularly timely given the recent launch of the holistic national Cybersecurity Strategy by the Singapore government, which identified existing cyber security skills gaps. Furthermore, the recent spate of local cyber security attacks further underscored the need to further develop local cyber security capabilities.
“CSX 2016 Asia Pacific could not have come at a more crucial juncture for Singapore, given the heightened awareness of the need for cyber security—both by organizations and enterprises as well as in critical public infrastructures,” said Leonard Ong, CISA, CISM, CRISC, ">CGEIT, Board Director of ISACA and associate director at MSD International. “Through this event, and ongoing activities by ISACA, we hope to contribute in building up local and regional cyber security skills and capabilities, and position Singapore as one of the global leaders in cyber security.”
Teo Chin Hock, Deputy Chief Executive of the Cyber Security Agency of Singapore, echoed this need during his opening address at the event. “Addressing cyber security threats go beyond deep cyber security competencies. We also need the professional workforce to be more cohesive and united to anticipate the increasing scale and sophistication of cyber security threats.” said Teo. “With broad membership bases and diverse outreach channels, professional bodies such as ISACA are important to forge a common identity in the profession and foster trust within its professional networks.”
During the event, cyber security experts from around the world convened to discuss the latest challenges in cyber security with over 50 in-depth and insightful sessions. Highlights included an opening keynote by Richard Quest, CNN International news anchor and host of “Quest Means Business,” who underscored the key gaps organizations have around cyber security. Participants also heard from Christos Dimitriadis, Chair of ISACA’s Board of Directors, who discussed current challenges faced by the cyber security industry, and Ashkan Soltani, former chief technologist of the Federal Trade Commission (U.S.), who delved into privacy issues faced by both consumers and organizations.
Event participants also had an opportunity to hear from Justine Bone, who provided insights into the threat that firmware poses to consumers and why it is an issue that needs to be solved now; as well as Eddie Schwartz, president and COO, White Ops, who discussed the changing role of CISOs in a fast evolving threat landscape.
“I enjoyed CSX 2016 Asia Pacific. The event keynotes were very refreshing and they challenged the conventional way of thinking about cyber security as a whole. The sessions were also engaging and well-paced. It was like a mini bootcamp to get up-to-speed on the latest industry trends and challenges, especially since the rate of cybercrime incidents is expected to continue to rise,” said attendee George Abraham, a senior IT professional from a local educational institute.
The event also featured a special networking event as part of ISACA’s Connecting Women Leaders in Technology program.
“ISACA is definitely taking a step in the right direction with the Connecting Women Leaders in Technology networking event. It’s refreshing to be able to connect with other women who speak the same language and face the same issues I do. The event was buzzing with fresh ideas and sharing and I believe the industry needs more of these kinds of events,” said attendee Mary Janice Aljecera, a cyber security professional from the financial sector.
In addition to these activities, attendees could earn up to 32 continuing professional education credits at conference workshops and breakout sessions. For details on CSX guidance, training, tools and certifications, visit
ISACA (.isaca) helps professionals around the globe realize the positive potential of technology in an evolving digital world. By offering industry-leading knowledge, standards, credentialing and education, ISACA enables professionals to apply technology in ways that instill confidence, address threats, drive innovation and create positive momentum for their organizations. Established in 1969, ISACA is a global association with more than 140,000 members and certification holders in 187 countries. ISACA is the creator of the COBIT framework, which helps organizations effectively govern and manage their information and technology. Through its Cybersecurity Nexus (CSX), ISACA helps organizations develop skilled cyber workforces and enables individuals to grow and advance their cyber careers.
Joanne Duffer, .847.660.5564, newsisacaShelina Mahtani Ian Lee, Ketchum Singapore, +65 6220 2623, isacaketchumm
Rolling Meadows, IL, USA (3 October 2016)—Global business technology and cyber security association ISACA will build on its past leadership during Cyber Security Awareness Month with a trove of additional resources for industry professionals, their organizations and the public this October.
As the number and complexity of cyber threats and responses continue to escalate, cyber security awareness is growing globally. Most organizations plan to increase investment in cyber security technologies and training next year, according to the 2016 Cyber Security Investment Insights poll. The results also show that most organizations increased their cyber security training investment in 2016 compared to 2015.
ISACA’s agenda during the month will serve to further advance global awareness and capabilities. Just some of the cyber security resources to be offered include:
ISACA CEO Matt Loeb, ">CGEIT, FASAE, CAE, said cyber security issues have shifted from an IT-centric priority to broader matters in business continuity, economic stability and public safety.
“October marks a good moment in time to think about these implications and take the necessary steps to ready ourselves and our organizations,” Loeb said. “We need to equip and strengthen the cyber security community along the entire continuum, from students to seasoned professionals.”
ISACA established the Cybersecurity Nexus (CSX) in response to an urgent global need for enhanced cyber security skills and training. CSX is a holistic resource for professionals and organizations offering the knowledge, tools, guidance and networking that allows them to be at the forefront of the rapidly changing cyber security landscape. ISACA’s CSX Practitioner Certification (CSXP), launched in 2015, was named the Best Professional Certification Program in the 2016 SC Magazine Awards.
ISACA is a champion of Cyber Security Awareness Month as an organization dedicated to promoting a safer, more secure and more trusted Internet. Additional cyber security resources throughout Cyber Security Awareness Month can be found at
ISACA (.isaca) helps global professionals lead, adapt and assure trust in an evolving digital world by offering innovative and world-class knowledge, standards, networking, credentialing and career development. Established in 1969, ISACA is a global nonprofit association of 140,000 professionals in 180 countries. ISACA offers the Cybersecurity Nexus (CSX), a holistic cybersecurity resource, and COBIT, a business framework to govern enterprise technology. ISACA also advances and validates business-critical skills and knowledge through the globally respected Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in the Governance of Enterprise IT (">CGEIT) and Certified in Risk and Information Systems Control (CRISC) credentials.
Kristen Kessinger, .847.660.5512, communicationsisacaJoanne Duffer, .847.660.5564, communicationsisacaJay Schwab, .847.660.5693 communicationsisaca
ISACA is a highly respected, global nonprofit association that provides education, conferences, publications and certification for IT governance professionals. Four certifications are available from ISACA that address information systems auditing, information security management, enterprise IT governance, and risk and information systems control.
The Certified in the Governance of Enterprise IT (">CGEIT) credential is geared toward professionals who play a significant role in managing, advising andor assuring IT governance. Typical job roles include senior security analyst and chief information security officer—the upper echelon of the organization chart.
Professionals at this level align IT with business strategies and goals, manage IT investments to maximize return on investment, strive for excellence in IT operations and governance, and promote greater efficiency and effectiveness in IT while minimizing risk.
ISACA's ">CGEIT exam covers five domains that address various aspects of governance and risk management:
ISACA's work experience requirements for the ">CGEIT qualification are stringent. To meet the five-year minimum requirement, one year must be directly related to enterprise IT governance frameworks. For the other four years, you must demonstrate experience in at least two of the following domains: strategic management, benefits realization, risk optimization and resource optimization.
If you teach an accredited IT governance curriculum at an approved institution, you can count two full-time years toward every one year of the ">CGEIT work requirement. Candidates with certain types of management experience and advanced degrees or certifications may substitute up to two years to meet the experience requirement.
ISACA ">CGEIT Facts & Figures Certification Name Certified in the Governance of Enterprise IT (">CGEIT) Prerequisites & Required Courses A minimum of five years of professional-level enterprise management experience, or experience serving in an advisory or governance support role (including a minimum of one year defining, managing and establishing Framework for Governance of IT) (evidence required as defined by ">CGEIT Job Practice) Agree to adhere to the ISACA Code of Professional Ethics
Agree to comply with the ">CGEIT Continuing Education Policy
Number of Exams One exam (150 questions, 4 hours) Cost per Exam $450 to $685, depending on when you register and whether or not you belong to ISACA URL .isacaCertification">CGEIT-Certified-in-the-Governance-of-Enterprise-ITPagesdefault.aspx Self-Study Materials Candidate's Guide to the ">CGEIT Exam, job practice, study materials and review courses are available on the certification web page
MORE: ISACA Certs and Career Paths
If you’ve been around the cert world for any length of time you’ve already heard about ISACA. ISACA used to be an acronym for Information Systems Audit and Control Association, but they forwent the underlying expansion and switched their name to the acronym a few years back. ISACA is best known for its Certified Information Systems Audit (CISA) and its Certified Information Security Manager (CISM) credentials, but has somewhat recently come out with a couple more credentials: the Certified in the Governance of Enterprise IT (">CGEIT: 2007) and the Certified in Risk and Information Systems Control (CRISC: 2010).
I’ll write about the CRISC (pronounced “see-risk”) some other time; today, my subject is the ">CGEIT (I don’t see a preferred pronunciation for this credential, but I’m in favor of “see-gite” where gite rhymes with kite). This credential is like the CRISC and the PMP in that it stresses skills that more senior IT professionals are likely to find useful in their jobs, particularly in lead technical or managment positions where an understanding of governance, risk management, and project management are ALL likely to come into play at one time or another.
A closer look at the ">CGEIT shows it to be squarely aimed at IT governance topics, and is a joint effort between ISACA and the IT Governance Institute (ITGI). There’s a pretty comprehensive list of study materials available online, that show a profound preference for ITGI, ValIT, and COBIT framework literature and materials. Thus, to some extent, the ">CGEIT can be veiwed as an alternative to similar certifications available from the IT Infrastructure Library (ITIL). In both arenas, the emphasis is to understand and use prevailing best practices and modules for IT operations and governance, with particular emphasis on how to align IT with an organization’s business objectives or explicit charter. This includes a determination to rationalize and manage investments in and use of IT to achieve the best return on investment (ROI), to minimize risk and exposure, and to establishing an environment where continuous improvement on processes and policies guides all planning and activity.
For those who plan to work in IT over the long haul, particularly for those inclined to climb either a technical or a mangement job ladder in IT, the ">CGEIT (or something like it in the ITIL space) is an excellent “soft skills” credential that can augment and extend a person’s knowledge and skills outside inherently technical, or platform- or technology-specific domains. It’s definitely worth looking into, and perhaps even pursuing for those who find its subject matter interesting enough to justify at least three months’ of study and preparation and a $375-475 exam.
The Certified in the Governance of Enterprise IT (">CGEIT) qualification awarded by ISACA is designed to provide a premier certificate for professionals responsible for directing, managing or otherwise supporting the governance of IT in a large organisation.
IT Governance offers a complete range of products, including study guides and training courses, designed to help you pass the ">CGEIT examination at the first attempt.
Study for your Certified in the Governance of Enterprise IT (">CGEIT) Exam
Our complete range of ">CGEIT study guides and training services:
The ">CGEIT certification is awarded to candidates with at least five years of relevant work experience in IT governance and who pass a rigorous written exam which is held in June and December each year.
ISACA defines five ">CGEIT domains on which you will be examined:
For more information, please see the official ISACA 'How to Become ">CGEIT Certified' web page.
How do you pass the ">CGEIT exam at the first attempt?
We recommend the following:
The Certified in the Governance of Enterprise IT (">CGEIT) Training Course is designed to provide a complete preparation to ensure that you pass the ISACA ">CGEIT examination at the first attempt. This four-day course runs at our UK training centres and offers the perfect revision and preparation for the ">CGEIT exam scheduled in June and December of each year.
Full details of this course, together with dates and venues, can be found on the ">CGEIT Training Course page. Please book online or call our Training Team on +44 (0)845 070 1750 to discuss your specific requirements.
">CGEIT exam registration
The ">CGEIT qualification is awarded by the ISACA examination body. The exam can only be taken in June or December. You must book your exam direct with ISACA.
Deadlines for registration are as follows:
Following registration and payment, you will receive the following from ISACA:
ISACA for further details >>
Exam centre locations >>
Essential ">CGEIT books and study guides
Preparation is essential to passing the ">CGEIT exam and we strongly advise that you purchase the ">CGEIT exam and study guides. IT Governance is the exclusive approved reseller of ISACA publications in the UK, and all titles are available from our dedicated ISACA certification bookstore.
We particularly recommend the ">CGEIT Exam Passport, which includes copies of the ">CGEIT Review Manual, 7th Edition, and the ">CGEIT Review Questions, Answers and Explanations Manual, 4th Edition – the most up-to-date study aids for the 2016 ">CGEIT exam.
Continuing professional education
There is a continuing professional education (CPE) policy in respect of qualified ">CGEIT professionals. The goal of this policy is to ensure that all ">CGEITs maintain an adequate level of current knowledge and proficiency in the field of IT governance.
“">CGEITs who successfully comply with the continuing professional education policy will be better equipped to support the Board of Directors and executive management.” The responsibility for setting the CPE requirements rests with the ">CGEIT Certification Board, which oversees the process and requirements to ensure their applicability.
Maintenance fees and a minimum of 20 contact hours of CPE are required annually. In addition, a minimum of 120 contact hours are required during a fixed three-year period.
Please see the Maintain Your ">CGEIT page on the ISACA website for further details.
To support your ">CGEIT CPE, you may be interested in the following IT Governance training courses: